An updated sos package that fixes several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 6.
The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging.
- The SELinux plug-in used some commands that are obsolete on modern Linux distributions so the sosreport utility was unable to collect some information from the SELinux tools and diagnostics. The plug-in has been updated to reflect changes in the SELinux tools and diagnostics so that sosreport is now able to collect more information from these components.
- Previous versions of sos did not mask passwords in libvirt's XML configuration files and output of the corosync-obctl command so the passwords may have been disclosed to recipients of sosreport data. This update modifies the respective libvirt and corosync plug-ins so that passwords are now left out when collecting sos data from the aforementioned sources.
- Previously, when executing external commands, sos always used the user's environment settings unless the environment was explicitly specified by a plug-in used for collecting sos data. Consequently, the collected output was a subject to locale and custom settings of the user running the sosreport command, which could be undesirable for further processing of the data. With this update, sos runs all external commands with a consistent LC_ALL setting and the command output is now collected using the C locale.
- The sosreport utility previously verified all installed packages by default, which was highly demanding on CPU and memory usage. To avoid this situation, the rpm plug-in now contains a fixed list of packages to verify, including core system packages such as the kernel packages.
- Previous versions of sos did not preserve the permissions of the collected files. File permissions in sosreport archives could have been inconsistent with file permissions on the host system, potentially misleading the user. With this update, sos preserves ownership and permissions of the collected files.
- The sosreport utility previously could cause unexpected RPC failures on the local system by attempting to copy RPC channel files from the proc file system (/proc/net/rpc/*/channel). These files are now blacklisted from collection and the sosreport command can no longer interfere with active RPC communications.
- The openswan plug-in previously collected output of the "ipesec barf" command to obtain VPN related diagnostic information. This could cause sosreport to appear unresponsive when running on systems that contained accounts with large UIDs and had installed a version of openswan affected by bug 771612. With this update, the ipsec barf command is no longer run by default, and the problem can no longer occur in this scenario, unless the barf functionality is explicitly enabled from the command line.
- The devicemapper plug-in used an obsolete syntax to obtain information from the udev subsystem. The plug-in called the "udevinfo" command instead of the actual command, "udevadm info". This has been fixed with this update, and the correct property data can now be collected for the relevant block device types.
- The sosreport command incorrectly assumed that the tar program would always write data on standard output by default. Consequently, when the TAPE environment variable was set, data may have been unexpectedly written to a tape device, or another location expanded to by this variable. The sosreport has been modified to always call the tar command with the "-f" option, forcing data to be written to standard output. Users who set the TAPE variable in their environment can run sosreport without risking that data on existing tape devices could be overwritten.
- Previous versions of sos allowed passwords from luci configuration files to be collected by the cluster module so the passwords may have been disclosed to recipients of sosreport data. This update modifies the cluster module so that luci passwords are now left out from the collected data.
- Previous versions of the sos package called the "wbinfo -u" command to collect user information from domains visible to the system Winbind configuration. However, the wbinfo command may have used very large amounts of memory and CPU time on large Active Directory installations with many trusted domains. As a consequence, sosreport appeared to be unresponsive and may have triggered out-of-memory conditions for other processes. The sosreport command has been modified to use the "--domain='.'" switch with the wbinfo command, which restricts data collection to the local domain. The problem no longer occurs in the described scenario.
- Previous versions of sos collected the file /etc/krb5.keytab on systems where kerberos authentication is configured. This file contains encrypted keys and is of limited diagnostic value. A summary of entries in the file is now obtained using the klist command instead.
- The output of the "gluster volume geo-replication-status" command may be important for debugging problems related to Gluster geographic replication. Therefore, the gluster plug-in now collects this diagnostic output by default.
- The ID mapping daemon (idmapd) controls identity mappings used by NFS services and may be important for diagnostic and troubleshooting efforts. Therefore, the idmad.conf configuration file is now collected on NFS client and server hosts, and can be analyzed in the sosreport utility.
- The sosreport utility now allows collecting configuration files for the Open Hardware Platform Interface (OpenHPI) components.
- The sosreport utility now collects kernel log data (dmesg logs) from vmcore dump files that are found on the system.
- The sos package now supports collecting of unified cluster diagnostic data with the crm_report tool.
Users of sos are advised to upgrade to this updated package, which fixes these bugs and adds these enhancements.